Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/1-5N_w4nD2cGnCDd-XCO_FAaVayk.roa
File: 1-5N_w4nD2cGnCDd-XCO_FAaVayk.roa (raw, json)
Hash identifier: iJZ4yBtppq/K8kAIys6DuOYBcGW6byhuti5HlnhtCaU=
Subject key identifier: FB:93:7F:C3:89:C3:D9:C1:A7:08:37:7E:5C:23:BF:14:06:95:6B:29
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 0193104339FBED8755F191F6B2F900188436
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/1-5N_w4nD2cGnCDd-XCO_FAaVayk.roa
Signing time: Sat 09 Nov 2024 09:31:01 +0000
ROA not before: Sat 09 Nov 2024 09:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57497
IP address blocks: 45.89.236.0/22 maxlen: 24
103.130.146.0/24 maxlen: 24
212.18.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:10:43:39:fb:ed:87:55:f1:91:f6:b2:f9:00:18:84:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Nov 9 09:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb937fc389c3d9c1a708377e5c23bf1406956b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4b:1b:7d:40:88:48:3d:f4:c1:2e:05:e9:f8:
35:aa:71:01:cd:a9:6f:5f:c2:d1:96:8e:35:98:d1:
14:87:c8:2c:2f:dd:42:24:3f:7f:27:92:c6:a8:52:
10:30:39:47:6e:04:9b:84:fa:98:ab:44:b3:b0:1f:
21:14:23:c8:b5:08:a8:e6:e6:62:15:35:5c:10:fa:
aa:29:f8:24:8c:b5:72:61:87:9f:1c:8b:8a:f1:32:
47:02:87:4f:ba:22:cf:fa:e3:f9:b1:35:a0:81:f4:
b7:c2:07:d6:05:ee:91:d0:ed:4b:7b:fd:55:5c:46:
1d:a6:f9:a5:52:14:8f:d6:3f:ab:93:1d:9a:5f:d1:
19:b9:73:a3:74:b4:5a:32:40:42:8a:0d:d2:38:f4:
c9:6c:a3:46:f8:c7:98:de:bb:0e:28:da:14:f1:be:
a4:8e:4b:b4:e8:e4:ba:f4:e1:79:1a:c3:46:b9:7a:
cf:ba:80:b1:13:9f:70:2a:eb:ae:da:72:90:80:fa:
91:32:c9:be:a8:59:3b:ff:aa:76:4d:9c:97:3e:09:
68:4c:f3:87:da:93:7d:38:b3:27:56:86:67:7e:8d:
ab:66:f2:bf:06:95:47:7c:04:f3:93:db:3f:0a:1a:
05:61:3a:0a:15:22:b2:70:dd:22:7e:68:25:7c:a1:
96:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:93:7F:C3:89:C3:D9:C1:A7:08:37:7E:5C:23:BF:14:06:95:6B:29
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/1-5N_w4nD2cGnCDd-XCO_FAaVayk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
103.130.146.0/24
212.18.108.0/24
Signature Algorithm: sha256WithRSAEncryption
87:ef:90:2c:33:06:6d:0a:cc:8b:1d:03:aa:10:ed:6e:57:09:
61:a2:a8:d1:bd:28:a3:17:eb:aa:ba:ad:29:83:b1:20:9e:88:
a1:af:1c:35:d1:26:50:a8:78:be:4d:12:f0:15:cd:06:10:2c:
1a:25:fe:03:3d:1c:e8:77:c3:3e:64:f2:65:88:0d:bc:f9:5e:
bd:0f:78:ce:42:c0:14:2b:b7:62:08:a7:2e:58:9e:ba:09:20:
df:37:53:10:94:9f:ee:a3:24:07:f3:03:c4:70:88:8f:de:9d:
b5:9a:8d:16:6f:7d:d2:a8:1f:70:d9:91:90:48:01:70:73:dc:
8b:19:58:46:db:71:aa:ba:b0:a9:b7:da:aa:46:e0:f8:20:2c:
ab:30:7d:7b:95:14:a5:b7:c7:34:cf:4a:b8:82:ce:29:66:75:
f9:08:95:65:e3:5e:e6:70:cc:fa:db:b7:af:40:69:fb:10:e6:
df:72:38:0f:12:64:79:a9:22:c2:4c:4d:10:4f:70:26:e2:96:
d1:5d:f7:f8:5a:2e:00:e6:26:0b:2d:97:e7:9a:2e:7e:d3:d5:
c9:ae:53:10:e6:ed:11:8d:1e:88:cf:4d:67:97:56:dd:54:e8:
cd:29:6e:60:e0:0b:cc:f3:07:2b:63:31:4c:63:50:0b:a9:57:
51:3d:3c:25
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZMQQzn77YdV8ZH2svkAGIQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjQxMTA5MDkzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjkzN2ZjMzg5YzNkOWMxYTcwODM3N2U1YzIzYmYxNDA2OTU2YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyksbfUCISD30wS4F6fg1qnEBzalv
X8LRlo41mNEUh8gsL91CJD9/J5LGqFIQMDlHbgSbhPqYq0SzsB8hFCPItQio5uZi
FTVcEPqqKfgkjLVyYYefHIuK8TJHAodPuiLP+uP5sTWggfS3wgfWBe6R0O1Le/1V
XEYdpvmlUhSP1j+rkx2aX9EZuXOjdLRaMkBCig3SOPTJbKNG+MeY3rsOKNoU8b6k
jku06OS69OF5GsNGuXrPuoCxE59wKuuu2nKQgPqRMsm+qFk7/6p2TZyXPgloTPOH
2pN9OLMnVoZnfo2rZvK/BpVHfATzk9s/ChoFYToKFSKycN0ifmglfKGW7wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPuTf8OJw9nBpwg3flwjvxQGlWspMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvMS01Tl93NG5EMmNHbkNEZC1YQ09fRkFhVmF5ay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmYvZmQ4NDU3LTgxMGYtNGY3ZS05ZTU4LTU2Y2MzOWRiNmVk
Ni8xL3hadlI2TVdQWkJ2WlJEQmZFY1ZPX2w4NkRPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi1Z7AME
AGeCkgMEANQSbDANBgkqhkiG9w0BAQsFAAOCAQEAh++QLDMGbQrMix0DqhDtblcJ
YaKo0b0ooxfrqrqtKYOxIJ6Ioa8cNdEmUKh4vk0S8BXNBhAsGiX+Az0c6HfDPmTy
ZYgNvPlevQ94zkLAFCu3YginLlieugkg3zdTEJSf7qMkB/MDxHCIj96dtZqNFm99
0qgfcNmRkEgBcHPcixlYRttxqrqwqbfaqkbg+CAsqzB9e5UUpbfHNM9KuILOKWZ1
+QiVZeNe5nDM+tu3r0Bp+xDm33I4DxJkeakiwkxNEE9wJuKW0V33+FouAOYmCy2X
55ouftPVya5TEObtEY0eiM9NZ5dW3VTozSluYOALzPMHK2MxTGNQC6lXUT08JQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:17:03 2024 by rpki-client on console-fra.rpki-client.org